Presentation slides from the Final EVITA Workshop on 23 November

Transcripción

Presentation slides from the Final EVITA Workshop on 23 November
Project acronym:
Project title:
Project reference:
Programme:
Objective:
Contract type:
Start date of project:
Duration:
EVITA
E-safety vehicle intrusion protected applications
224275
Seventh Research Framework Programme (2007–2013) of the
European Community
ICT-2007.6.2: ICT for cooperative systems
Collaborative project
1 July 2008
42 months
Deliverable D1.2.5.2:
Presentation Slides from the
Final EVITA Workshop on
Security of Automotive On-Board Networks
Editor:
Olaf Henniger (Fraunhofer Institute SIT)
Dissemination level:
Deliverable type:
Date:
Workshop venue:
Public
Other
23 November 2011
Honda Academy, Erlensee, Germany
Abstract
Car-to-car communication heralds a new era of traffic safety and intelligent traffic management, but at the same time also entails new threats. To provide a secure basis for car-to-car
communication, the European research project EVITA designed, verified, and prototyped
security building blocks for automotive on-board networks. The security building blocks are
deployed inside lab cars demonstrating various applications that require security measures. As
the project draws to a close, the EVITA consortium held a Workshop on Security of Automotive On-Board Networks in order to present major results of the project to the public. The
workshop took place at the Honda Academy in Erlensee, Germany, on the day before the Car
2 Car Forum 2011 of the Car 2 Car Communication Consortium. All interested parties were
invited to attend the Final EVITA Workshop.
ii
Contents
Hans Brandl (Infineon Technologies AG)
Keynote address: Trusted computing for mobile and embedded systems .......... 1
Yves Roudier (EURECOM)
Motivation, objectives, and approach of the EVITA project ............................ 15
Marko Wolf (escrypt GmbH)
Secure on-board architecture specification ..................................................... 19
Hendrik Schweppe (EURECOM)
Secure on-board protocols ............................................................................... 28
Hervé Seudié (Robert Bosch GmbH)
Integration into AUTOSAR ............................................................................... 37
Benjamin Weyl (BMW Group Research and Technology)
EVITA prototype and demonstrator overview .................................................. 43
Jos Dumortier (K.U. Leuven)
Legal requirements on automotive on-board networks .................................... 52
Frank Kargl (University of Twente)
Uptake of EVITA results in the PRESERVE project......................................... 56
iii
iv
Workshop
"Security of Automotive On-Board Networks“
Trusted Computing in
Mobile and Embedded
Systems
23. November 2011
[email protected]
IT System Attacks are increasing
despite all Security and Encryption Features
[Reports to CERT/CC]
Page 2
1
Computing Platforms:
The Problem and the Solution
Inadequate Security on standard computing Platforms
 The problem of platform security exists since the early 70’s
 General purpose Computers lack fundamental security
mechanisms. There are encryption modules , but attacks
circumventing.
 Most attacks occur through manipulations of the integrity,
not on hacking algorithm!
 What is necessary, is an affordable hardware security module
and the necessary OS functionality for the computing
platform, which allows at least

Measurement of the integrity of the platform

Secure storage and digital signing of data, keys and
certificates
Page 3
Today’s Perception of System Trust
Page 4
2
Who is TCG?
The Trusted Computing Group (TCG) is an international industry
standards group
The TCG develops specifications amongst its members
Upon completion, the TCG publishes the specifications
Anyone may use the specifications once they are published
The TCG publicizes the specifications and uses membership
implementations as examples of the use of TCG Technology
The TCG is organized into a work group model whereby experts
from each technology category can work together to develop the
specifications
This fosters a neutral environment where competitors and
collaborators can develop industry best capabilities that are
vendor neutral and interoperable
Page 5
TCG Standards and its Community
Global Standardization:
TPM 1.2 spec (2003) is
ISO/IEC 11889 standard
(2008)
TCG Community
# of Organizations
Australia
1
Austria
2
elgium
Belgium
1
Canada
8
91 TCG Specifications
published to-date (since
2003)
Greater China
5
Finland
1
Worldwide TPM
shipment:
400 million -500 million
Israel
4
Japan
12
Adoption Examples:
Healthcare
Government
E-Commerce
Financial Applications
3
France
6
Germany
12
India
1
Korea
3
Netherlands 2
Norway
1
Russia
1
Sweden
1
Switzerland
2
United Kingdom
11
United States
79
Page 6
Where do we see TCG Technology today?
 Commercialized and available
1. High Assurance Platforms (HAP)
2. Self-encrypting drives (SEDs)
3 Network
3.
N t
k security
it (TNC)
4. Trusted Platform Modules (TPMs)
 Applications/solutions that use TCG Technology
1. Machine Identity
2. VPN/wireless access
3. Data at rest
4 SCADA
4.
5. Clientless endpoint meta data management
6. Hardware-based cloud subscriber management
7. Trusted execution
Page 7
Trusted Platform Module
Providing the Root for the Chain of Trust
Execution
Flow
Measurement
Flow
Application Code (BIOS)
6
5
OS Code
4
3
OS Loader Code
2
1
CRTM Code (BIOS)
Trusted Building Blocks + Root of Trust
 The Core Root of Trust for Measurement (CRTM) MUST be an immutable portion
of the Platform’s initialization code that executes upon a Platform Reset. The
Platform’s execution MUST begin at the CRTM upon any Platform Reset.
 The trust in the Platform is based on this component. The trust in all
measurements is based on the integrity of this component.
Set date
Copyright © Infineon Technologies 2011. All rights reserved.
4
Page 8
Trusted Platform Module
A nearly unlimited, secure Storage Key Hierarchy
TPM
Endorsement
Key
Authorization
Data
External Storage (Disk)
Platform Cert.
Keys 1…n
Conformance
Cert.
PCRs
Storage Key
AIK Key
Key Cache Manager
Storage Root
Key
Signature Key
Gen. Data
 Storage Root Key (SRK) forms the root of a key hierarchy in which other
lower-order keys, but also data (blobs), are securely stored. Their
trustworthiness therefore depending on the SRK. With the help of the TSS
Core Services the storage area is extended to external memory and
therefore nearly unlimited.
 The SRK is automatically generated by the owner in a “Take Ownership”
operation. If the owner of a TPM gives up this ownership, this also deletes
the SRK and also makes all the keys protected by it completely unusable,
which is welcome for data protection purposes.
AIK = Attestation Identity Keys
Set date
Copyright © Infineon Technologies 2011. All rights reserved.
Page 9
Do we really need Security and Trust for
Embedded ?
 In the past embedded systems were small computers in an isolated
environment with stable and fixed programs:

No attacks via networks

No real economical motivation for hacking

Small and well defined functionality with fixed loaded code, nothing
dynamic

No real economical advantage from interception and eavesdropping

Embedded systems were an island of tranquility and peace
 The situation has already changed:

Embedded networks are now connected to the internet. Attack methods
from other networks are also applied to embedded networks

The entire value of equipment may be embodied as stored parameters in
an embedded system, which becomes a target worth hacking

Security and safety is mandatory in a changing world

STUXNet woke up the industry
Embedded systems have lost their security innocence
Page 10
5
Embedded Systems Security and Trust:
No Longer Just Data Encryption
 Integrity of the whole system: detecting modifications of the code,
data or hardware structure which might be caused either by accident
(system faults) or external attacks (viruses etc.)
 Safety: operational conditions, error tolerance, fault handling, failsafe
conditions, automatic detection of error conditions, automatic and
protected handover to replacement systems
 Protection against cloning and copyright violation
 Digital Rights Management for handling data and content
 Communication security: preventing misuse of communication links,
authentication of participants, access rights, policy enforcement etc.
 Privacy
Page 11
New Embedded Platform Requirements
 Multi Tenant Structures for multifunctional applications:
Example: Cars or mobile phones

-
Manufacturer
-
Service provider
-
Owner
 New protection models against the outside: e.g. protecting the
device against its owner
 New security and conformance paradigma (new attacks are
expected in the future, counter measurements are needed
today)
d )
 Working under attack means operate under an erroneous
environment.
 Override the complexity barrier of everyday product (like cars)
will need TC functionality and is also a matter for strategic
product design.
Page 12
6
TCG Embedded Systems Work Group
To address the upcoming demands from society and
market , TCG has established the Embedded Systems
(EmSys) Work Group to adapt existing standards
and create new standards for the needs
of embedded platforms
 EmSys works on technical specifications such as :
• Additional TPM interfaces for embedded systems:
¬ I2C, SPI etc.
• Additional TPM functionalities for embedded such as:
¬ Secure boot, local attestation, remote activation and many
more
• Integrated TPM and support for specific environments like
integrated, trusted sensors or active TPM modules
Page 13
Complete Trusted Enterprise
Solutions
Virtualized Platform
Mobile Phones
Printers &
Hardcopy
A th ti ti
Authentication
Network
Security
Storage
Applications
•Software Stack
•Operating Systems
•Web Services
•Authentication
•Data Protection
Security
Hardware
Desktops &
Notebooks
Infrastructure
Servers
Embedded
Systems
7
Page 14
EmSys also works on Solution Specs
 Systems and use cases for

Automotive

SmartGrids

Industrial Control

Medical

Critical Infrastructures and much more
 Seamless Integration into existing infrastructures like PKI
 Deployment support for devices and data (esp
(esp. certificate
management)
Collaboration and Liaisons:
 Intensive cooperation with research organizations and
universities
15
Page 15
Trusted Computing
Market Errors and Bewilderments
Or
Learning fromMistakes
Page 16
8
How can we integrate trust and security into a high
complexity mobile phone baseband controller ?
Customers really liked the chip,
However no one activated the TPM !
Page 17
Mobile Trusted Module
for Mobile Phones or Automotive
 An impressive specification, but no business ….
Page 18
9
A new approach for Automotive Security
Defining new embedded standards according to market
Applications
Security Solutions
 Theft protection
 Immobilizer/ RKE
 Spare part IDs and
authentication
 Secure authentication
infrastructure
 Brand protection / IP
protection
 Spare Part IDs and
authentication for eparts
 Secure RFID Tags for
mechanical parts
Security Trends
 Physical attacks
upcoming
 Highly professional
criminal organizations
with considerable
b d
budgets
------------------------ Ad hoc Security
Validation
 Power train with
integrated hardware
security module
 Tuning protection
 Security architectures
against logical attack
emerging
 No tamperproof security
controller deployed yet
Page 19
Security in Automotive Applications
Focus Areas for Microcontroller Implementations
 Immobilizer


standard today within all new cars (mostly realized in SW for Central Body- & PT-ECU)
enhancements targeted for future cars
¬
¬
¬
up to ≤10 ECUs connected via CAN or Flexray might share a car specific secret symmetrical 128-bit AES key
mutual challenge response protocol is used to proof authentication at startup process
for reliability reasons, a majority decision process can be implemented
 Component Anti-Theft Protection


Immobilizer mechanisms as described above can be beneficial be re-used
in case of detected non-authorized module, operation might be restricted or permitted
 Secure Boot

proof integrity of Boot SW
¬ e.g. protection of secure SW algorithms (like asymmetrical SW-RSA, ...)
¬ AES HW extension mandatorily recommended in order to minimize startup delays
 Tuning Protection



Debugger Interface Lock in case of enabled TP
prevent unauthorized Read Out (IP-Protection)
prevent unauthorized Flash Programming & Reprogramming
 Car to Car Communication

(considered as a stretched target in the future )
e.g. secure asymmetrical PGP based data exchange
¬ requires HW extension for real time coding & decoding
- e.g. secure separate µC with Multi Precision Arithmetic (MPA) extension
11.07.2011
Page 20
10
EVITA Hardware Security Module
 Functional description and programming via the new TPM2.0
EmSys spec (still in work) will be possible.
Page 21
EmSys Standard: Trusted und Secure Boot
Page 22
11
Increased Trust and Security for Car Networks:
Trusted Network Connect (TNC) standard
Node integrity + policy control/enforcement (TC functions)
TNC
Encryption, Node authentication, key management
Page 23
What about the Future of
Embedded Trusted Modules ?
Use and extend widely the capabilities of Trusted
Computing standards:
 Crypto agility: Add additional cryptographic
algorithms
 Security agilty: Include the En-/de-cryption as
required
 Function agility: e.g. Typical embedded like remote
activation etc
Remember: TC is a functional standard,
Your Imagination is the limit
Page 24
12
Future Embedded System Design: Integrated
Trust Module due to Cost and Security Reasons
Security Controller
CryptographicFunc
Measuring (Hash)
Secure Storage
Next Generation Trusted System
I
Internal
Sec.
Firmware
F
TPM
Trusted
Platform
Module
Trusted System Hardware
Execution
Flow
Application Code
(BIOS)
OS Code
6
Measurement
Flow
Measu
5
System
Execution
Space
User #n
Execution
Space
Execution
rement
Code and Data Flow
3
4
OS Loader Code
2
Trusted System Firmware
1
CRTM Code (BIOS)
Application Layer
Trusted Building Blocks
+ Root of Trust
Trusted protocols and Communication
Embedded Security Layers
Chain of Trust based on the
Core Root of Trust Measurement is
the basic MECHANISM for Trusted Computing
BIOS
BootBlock
H tP
Host
Processor
TPM
Trusted
Platform
Module
The Trusted Platform Module (TPM) is an
encapsulated security processor which
performs all security FUNCTIONS
BIOS
OS
Loader
OS
Trusted Operating System and HW
Interfaces
Applica
tion
Page 25
Active, standalone Trust and Security Controller
Todays TPM consist out of 16/32 bit machines, MMU, multiple
interface controllers and are CC certifiable for EAL4+ and more
 Why not integrate the host processor into the TPM and get a
secure and trusted general purpose controller ?
Application
Land
Enhanced
Interface
I2C, SPI,
USB ...
Application
Firmware
Trusted and
Secure
Computing
Functions
Hypervisor OS
External
ROM for
secure boot
Page 26
13
Trust and Security will become a
Necessity for Future Embedded Applications
Any Questions ?
Page 27
14
EVITA: Motivation, Objectives, and Approach
Yves ROUDIER
EURECOM
Email: [email protected]
Final EVITA Workshop
Security of Automotive On-Board Networks
November 23,, 2011,, Erlensee
Motivation, objectives, and approach of the EVITA project
 Increasingly complex functionalities
 Networking capabilities become central
Electronic Fuel Injection
Electronic Diagnosis
Criuise Control
Electronic Gearbox
Electronic Air Condition
Antilock Brake Sys. (ABS)
Seat Position Motors
Central Locking
Airbags
Radio Information (RDS)
Navigation Systems
Traffic Information
Onboard TV
Basic phone integration
Dimming of Mirrors
Electronic Stability
Adaptive Cruise Control
Electronic tilt of headlights
Electronic Brake
Remote Diagnosis
Software Updates
Curve Headlights
Keyless Go
Keyless Entry
Bluetooth for phones
Entertainment
Lane following
Automated Parking
Collision Mitigation
Adapted Routing
Pre-Crash Safety
Internet Connection
1970s
 Security:
Adapted from M. Wolf
Vehicles, Electronics, and Security
today
Vehicle immobilizers
Payment systems
ECU authentication
Software authentication
Appstores,
eCall,
Car2X
applications
future
Secure and
trusted
communication
Secure flashing
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
15
2
Motivation, objectives, and approach of the EVITA project
Communication over On-Board Networks
 Electronic Control Units (ECUs)
 Data sent periodically between ECUs, sensors, and actuators
– Paradigm: signal based, communication buses (CAN, Flexray …)
– Functional requirements: low latency, robustness
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
3
Motivation, objectives, and approach of the EVITA project
Tomorrow: Car2X-based Safety Applications
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
16
4
Motivation, objectives, and approach of the EVITA project
New Security Threats
 Potential attacks on
– External interfaces, e.g., for Car2X communication
– Physical attacks on on-board network
 Increasing awareness:
– “Physical cryptanalysis of keeloq code hopping
applications” – Eisenbarth et al. (2008)
– “Experimental Security Analysis of a Modern
Automobile” – Koscher et al. (2010)
 For Future Car2X applications, new security
mechanisms have to be applied.
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
5
Motivation, objectives, and approach of the EVITA project
EVITA: Main Objectives
 “E-safety Vehicle Intrusion Protected Applications”
– Project started in July 2008
 Holistic
H li ti approach
h
– Chain of trust from sensor to remote vehicle
– Secure software engineering process
 Achievements
– in-car communication protection
– on-board system integrity protection
–S
Supportt for
f scalable
l bl and
d secure vehicle-to-vehicle
hi l t
hi l
communication
– Motivated risk analysis
– Formal proofs
– Security tests
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
17
6
Motivation, objectives, and approach of the EVITA project
EVITA: Approach
 Development of Hardware Security Modules deployed with ECUs
– Accelerated cryptography
– Key protection
– Trusted computing base
– Secure Storage
– Cost-effective
 In-car cryptographic protocols
– Key management, message integrity, policy management, distributed logging
 Software framework integrating authentication, encryption, access control, etc.
– Encapsulates software/hardware partitioning between ECU and HSM
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
7
Motivation, objectives, and approach of the EVITA project
EVITA: Summary
 Security requirements are increasing due to enhanced connectivity
 Security is crucial for Car2X applications deployment
– Preparation of standardization within Car2Car Communication Consortium
– ITS standards development within ETSI ITS Working Group 5
 First ever prototype of a general-purpose secure on-board system
– Overall security methodology
– Prototypes demonstrated today
 EVITA results already adopted by major research projects
More details can be found at: http://evita-project.org/
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
18
8
Secure On-Board Architecture Specification
Marko
M
k Wolf
W lf
ESCRYPT GmbH – Embedded Security
Leopoldstraße 244
80804 München, Germany
Secure On-Board Architecture Specification – Marko Wolf, ESCRYPT GmbH, Munich, Germany
Short Recap: Need for Automotive Hardware Security
Local and remote software attacks
Security-critical
 Security
critical assets shielded in hardware
Insider, offline, physical tampering attacks
 Physical tamper protection
High performance security requirements
 Cryptographic hardware accelerators
Costly to extend general-purpose hardware
 Cost-efficient special optimized circuits
2
EVITA Final Project Review, 23 November 2011
19
Secure On-Board Architecture Specification – Marko Wolf, ESCRYPT GmbH, Munich, Germany
EVITA Electronic Control Unit Security Architecture
Secure E-Safety Application(s)
EMVY Security Framework and Security Protocols
EVITA HSM drivers for AUTOSAR (SPI) and Linux (ETH)
Microcontroller Abstraction Layer / Linux Operating System
Microcontroller Hardware Layer
EVITA Hardware
Security Module
 EVITA HSM as security anchor for automotive microcontroller applications
 Linux and AUTOSAR integration via SPI and TCP/IP available
 Integrated into EMVY in-vehicle security software framework
3
EVITA Final Project Review, 23 November 2011
Secure On-Board Architecture Specification – Marko Wolf, ESCRYPT GmbH, Munich, Germany
EVITA Hardware Security Module (HSM) Architecture
 EVITA Hardware Security Module (HSM) as microcontroller extension
 Becomes
B
“d
“deeply”
l ” iintegrated
t
t d via
i System-on-Chip
S t
Chi (SoC)
(S C) ASIC d
design
i
 Generic interface to use security building blocks with different concrete
cryptographic algorithms (for capability, updates, ..)
 Autonomous processor for flexible hardware-protected security processing
4
EVITA Final Project Review, 23 November 2011
20
Secure On-Board Architecture Specification – Marko Wolf, ESCRYPT GmbH, Munich, Germany
EVITA Hardware Deployment Architecture
EVITA security extension in every ECU?
 Yes, but ...
EVITA uses 3 different HSM classes to meet:
 Different cost constraints
 Different security protection requirements
 Different functional security requirements
By
EVITA enables:
B applying
l i module
d l classes
l
bl
 Protection of all security-critical ECUs for a holistic security architecture
 All modules are capable to interact securely with each other
 Efficiently meet cost, security, and functional requirements
5
EVITA Final Project Review, 23 November 2011
Secure On-Board Architecture Specification – Marko Wolf, ESCRYPT GmbH, Munich, Germany
EVITA Hardware Deployment Architecture: EVITA full
 High-performance asymmetric cryptography for V2X digital signatures
generation/verification (i.e., hardware accelerated ECC and hash function)
 High-performance
Hi h
f
symmetric
t i cryptography
t
h for
f large-scale
l
l encryptions
ti
(e.g., protected multimedia, large external secure storage realizations)
 Powerful internal processor & memory for flexible cryptography (e.g., RSA)
 Foreseen for in 1 – 2 high-performance communication controllers such as
V2X communication unit (head unit) and central gateway
6
EVITA Final Project Review, 23 November 2011
21
Secure On-Board Architecture Specification – Marko Wolf, ESCRYPT GmbH, Munich, Germany
EVITA Hardware Deployment Architecture: EVITA medium
 Virtually identical to the EVITA full version except in that it has no dedicated
asymmetric crypto hardware and no dedicated hash function hardware
 Fast
F t symmetric
t i cryptography
t
h h
hardware,
d
b t rather
but
th slow
l
software
ft
based
b
d
– but nonetheless practicable – firmware asymmetric cryptography
 Meets all in-vehicle security use cases, but not suitable for V2X
 Foreseen in 2 – 4 central multi-purpose ECUs such as engine control,
front/rear module, immobilizer etc. with strong cost & security requirements
7
EVITA Final Project Review, 23 November 2011
Secure On-Board Architecture Specification – Marko Wolf, ESCRYPT GmbH, Munich, Germany
EVITA Hardware Deployment Architecture: EVITA light
 Cost-optimized symmetric crypto hardware with small internal (key)
memory that allows to process and generate protected information
 Foreseen
F
in
i less,
l
b
butt security-critical
it
iti l ECUs
ECU th
thatt provide
id or process
security critical information ECUs such as
– Critical sensors: e.g., wheel, acceleration, pedal sensors
– Critical actuator: e.g., breaks, door locks, turn signal indicator
– Critical small controllers: e.g., GPS module, lighting, clock
8
EVITA Final Project Review, 23 November 2011
22
Secure On-Board Architecture Specification – Marko Wolf, ESCRYPT GmbH, Munich, Germany
EVITA Hardware Deployment Architecture: Holistic Security
Efficient, cost-effective, flexible, and holistic in-vehicle EVITA hardware
security module(s) deployment respecting the different cost and
performance constraints, and different functional (security) requirements.
9
EVITA Final Project Review, 23 November 2011
Secure On-Board Architecture Specification – Marko Wolf, ESCRYPT GmbH, Munich, Germany
EVITA Hardware Security Module Interface Specification
 About 50 pages at deliverable D3.2 pg. 36-86
 Security building blocks (SBB)
– Encryption
E
ti and
dd
decryption
ti
– Message authentication codes
– Hashes and HMAC
– Signature generation and verification
– Random numbers
– Secure Counters
 Security functionality
– Key management (e.g., key creation, agreement, import, export, status)
– Secure boot and authenticated boot (e.g., ECR extension, retrieve, preset, compare)
– Secure “tick” clock with external UTC synchronization for data time stamping or key expiry
– HSM administration and auditing
10
EVITA Final Project Review, 23 November 2011
23
Secure On-Board Architecture Specification – Marko Wolf, ESCRYPT GmbH, Munich, Germany
EVITA Hardware Security Module Interface Specification
 Multi-sessions (i.e., interruptible) for most hardware security blocks (e.g., AES,
MAC, digital signatures, and hash functions) via and separate init(), update(),
and finish() session management commands
 Multi-threading possible on availability of hardware blocks (e.g., one can call
PRNG and two AES in parallel if blocks available)
 Asynchronous (i.e., non-blocking) hardware interface
 EVITA key uses can (but do not necessarily have to) have additional individual
authorizations via:
– password given on function invocation (including failure counter)
– inherent bootstrap verification by verifying a bootstrap reference
– combination of password and bootstrap reference
 EVITA commands are not protected at hardware level, but remember SoC
integration (in case command protection is required, we propose a TPM-like
approach to establish a session key and “rotating” nonces)
11
EVITA Final Project Review, 23 November 2011
Secure On-Board Architecture Specification – Marko Wolf, ESCRYPT GmbH, Munich, Germany
EVITA HSM Specification Highlights: Individual Key Control
 Keys have 10 individual use_flags each with:  4 individual transport restrictions
–
–
–
–
–
–
–
encrypt
decrypt
sign
verify
utcsync
transport
…
–
–
–
–
internal
migratable
oem
external
 3 individual usage authorization
– password
– ecr
– ecr+password
 Enables very fine-grained purpose, transport and access control
ab es least-privilege
east p
ege secu
security
ty des
design
g p
principle
c p e (Sa
(Saltzer,
t e , 1974)
9 )
 Enables
Local bound secure storage
Symmetric-key „digital signatures“
use_flag
trnsp_flag
auth_flag
use_flag
trnsp_flag
encrypt
internal
pw + ecr(i..j)
sign
internal
pw + ecr(i..j)
decrypt
internal
ecr(i..j)
verify
migratable
none
auth_flag
12
EVITA Final Project Review, 23 November 2011
24
Secure On-Board Architecture Specification – Marko Wolf, ESCRYPT GmbH, Munich, Germany
EVITA HSM Specification Highlights: Bootstrap Protection
 Secure boot and authenticated boot
– HSM as hardware-protected Core Root of Trust
(CRT) to initialize the chain of trust
Measure
– Multi-stage bootstrap possible starting with CRT
– Subsequent step by step measurements of upper
layers (e.g., bootloader, OS, application)
– HSM internal ECU Configuration Registers (ECRs)
store fingerprints of measured code
Evaluate
Enforce
– Immediate response
p
by
y HSM upon
p mismatch of
measurement and reference ECRs → Secure Boot
– Indirect response by HSM key control bound to
certain ECR values (cf. slide before!) →
Authenticated Boot
ECU
Security
13
EVITA Final Project Review, 23 November 2011
Secure On-Board Architecture Specification – Marko Wolf, ESCRYPT GmbH, Munich, Germany
EVITA Hardware Security Module Prototype Implementation
 Programmable FPGA hardware prototype
with internal PowerPC processor
 High-performance crypto hardware
– AES-128 symmetric cipher: 80 Mbit/s
– ECC-256 asymmetric cipher: 450 sig/s
– WHIRLPOOL hash function: 128 Mbit/s
 TCP/IP and SPI interface software drivers for Linux and AUTOSAR
 Detailed HSM design, realization, and evaluation results in “Design,
Implementation, and Evaluation of a Vehicular Hardware Security
Module” to be published at International Conference on Information Security
and Cryptology (ICISC 2011) in Seoul on November 30 – December 2, 2011.
14
EVITA Final Project Review, 23 November 2011
25
Secure On-Board Architecture Specification – Marko Wolf, ESCRYPT GmbH, Munich, Germany
EVITA Security Module In Comparison with Existing HSMs
full
medium
light
SHE
TPM
Smartcard
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/

/
/
/
/

/
/
/
/

/
/
/
/

/
/
/
/

/
/
/
/

/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
/
Cryptographic algorithms
ECC/RSA
AES/DES
WHIRLPOOL/SHA
Hardware acceleration
ECC/RSA
AES/DES
WHIRLPOOL/SHA
Security features
Secure/authenticated boot
Key control per use/bootstrap
PRNG with TRNG seed
Monotonic counters 32/64 bit
Tick/UTC-synced internal clock
Internal processing
Programmable/preset CPU
Internal V/NV (key) memory
Asynchronous/parallel IF
Annotation:  = available,  = not available,  = partly or optionally available
15
EVITA Final Project Review, 23 November 2011
Secure On-Board Architecture Specification – Marko Wolf, ESCRYPT GmbH, Munich, Germany
Conclusions:
EVITA Vehicular HSM
 Provides a hardware-protected security
anchor for software layers through hardwareencapsulated
l t d generation,
ti
storage,
t
and
d
processing of security-critical material and
provision of basic security functions
 Detailed specification of efficient, flexible and generic security interface
 Applies Trusted Computing ideas (e.g., authenticated boot) with
meaningful extensions (e.g., symmetric cryptography, individual use
g , individual authorizations for invocation and transports)
p
)
flags,
 Accelerates security mechanisms by applying cryptographic accelerators
(e.g., ECC, AES, WHIRLPOOL, RNG)
 Compatible with HIS SHE security functionality for easy deployment
 Tamper-protection via on-chip integration (+ further measures)
16
EVITA Final Project Review, 23 November 2011
26
Secure On-Board Architecture Specification – Marko Wolf, ESCRYPT GmbH, Munich, Germany
Dr.‐Ing. Marko Wolf
Senior Security Engineer
[email protected]
escrypt GmbH
Lise-Meitner-Allee 4
44801 Bochum
[email protected]
phone: +49(0)234 43 870 209
fax: +49(0)234 43 870 211
17
EVITA Final Project Review, 23 November 2011
27
Secure On-Board Protocols
H d ik C
Hendrik
C. S
Schweppe
h
EURECOM
2229 route des crêtes
06560 Sophia Antipolis, France
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
Overview
1.
Motivation for Secure On-Board Protocols
2.
Key Distribution and Key Management for On-Board Networks
3.
Master/Client Communication in EVITA Security Framework
4.
Coping with Limitations of the CAN Bus
5.
Security Maintenance Scenarios
6.
Model-Based Security Analysis, Evaluation, and Verification
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
28
2
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
Motivation
 Security in distributed systems as found in the vehicle depends on
– Integrity of the local and remote ECUs
– Mutual trust in received and computed data
 Limitations of current automotive bus systems
– Latency requirements
– Payload restrictions
– Communication g
groups
p
 Integration of communication with security framework to protect both:
platform and communication.
3
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
On-Board Protocols developed in EVITA
 Distribution of cryptographic key material
– Securely deploying keys from external entities to the vehicle
 Over-the-air firmware update procedures and
protocols:
– Update process for ECUs and sensors for platform
configuration and corresponding firmware, including
pairing/registration of nodes with KM nodes.
– A secure way in order to distribute keys between ECUs
– Refreshing of keys at bus-attached sensor nodes
– Integrity checks of platform
 Session-keying and protocols for confidential, fresh, and  Policy management and access control
authentic communication
– Configuration of policies and policy-updates: ,
backend policy definition, compressed vehicle native
format, policy-synchronization
– Establishment of session keys between ECUs
– Session key establishment between key masters
– Format of policies and messages
 Authentic communication
– Access control protocols and policy enforcement
– Secure Transport protocols
– Firewall rules as part of access control policy
– Addressing of nodes and software components
– Gateways between physical and logical network lborders
 Furthermore:
– Bootstrapping, On-board integrity check of platform
– Maintenance: replacement of hardware
components. (include key-distribution/key-swapping)
 Intrusion detection and response
– Message formats, synchronized system states, interactions
with policies.
– Time and counter synchronization between HSMs
and ECUs
– Common programming interfaces for filter-plugins and
action-plugins
– Secure Storage with HSM integration.
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
29
4
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
Hardware Security Modules
 Store and Process Security Credentials
– Keys have use-flags
use flags
 Examples: encrypt, decrypt, sign, verify
EVITA
– 2nd step: use-flags can have exportable flag
 e.g., only decrypt flag (=key) is exportable with specific transport key
while encrypt stays internal
 This enables:
– Asymmetric usage of symmetric key material!
– Low Cost HSM for sensors
[D3.2]
5
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
Key Distribution for Group Communication
<verify-MAC>
<sign-MAC>
HSM
K1
<verify-MAC>
<verify-MAC>
KS
HSM
K2
KS
HSM
K3
KS
<verify-MAC>
CCU
KS
HSM K1 K2 K3
Brake
Display
Key
Master
<authenticity, integrity, freshness>
– Basic usage control at ECU/HSM
– Comprehensive access control at KeyMaster:
Communication Groups and Access Control Policies
[D3.3, WiVeC11]
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
30
6
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
Encapsulation of Protocols in Security Framework
EVITA/BMW
 Software Security Framework provides high-level services by
encapsulating complex protocols & services.
 Application only needs “secure_communication() call”
 Entity (i.e., communication group name)
 Security requirements (e.g., authenticity, confidentiality)
 Payload
[D3.2,D3.3,D4.3]
7
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
Software Security Framework EMVY
 ECUs and sensors are differently equipped (CPU/RAM/..)
– Thin client fashion:
Core security services deployed on master(s) for all clients.
– Developed on C vs. C++ on client vs. master
– RPC-like interface
[D3.2,D3.3,D4.3]
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
31
8
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
Software Security Framework EMVY
XACML Policy Editor
Encoding Engine
 Example: Policy System
XACML-2-PNL
(vehicle specific)
– Policies defined in XACML format in backend
 Rules include subject, object, action & vehicle state.
Security Policy Management System
– Compiled to vehicle specific format and transferred to Master ECU in the vehicle (Policy Decision Module)
– Queried by client ECUs (Policy Enforcement Points) when necessary
[D3.3,D4.3,NFC11]
9
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
EMVY Master Node
Application Layer
up
down
down
On-Board Security Policy Enforcement
Application interface
PDM
RPC Access Control
– Cross Layer Enforcement
RPC Layer
KMM+HSM
Endpoint integrity check
EAM
Endpoint authentication
PDM
Group Management
 Endpoint access control enforcement
EMVY Framework
EMVY Framework
up
down
 RPC layer access control enforcement
CCM
Communication Channel
Transport Layer
up
down
…..
Layer X‐1
up
down
Layer 1
Gateway
Communication Channel
EMVY Client Node
Communication Channel
On-Board Decision and Enforcement
[D3.2,D4.3]
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
32
10
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
Transport Protocols: Secure Sessions
A transport protocol provides for:
 More flexible addressing in payload
 Larger payload
 Security payload
security
security
EASIS [D1.2-10]
 EVITA CAN to Ethernet Gateway:
 CAN communication with ISO-TP
 Linux gateway with VW’s open
source SocketCAN
[D3.3, WiVeC11, D4.3]
11
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
Analysis of MAC Truncations
Depending on
 the risk of an attack
 the severity of an attack
=> choose
h
llevell off protection
t ti EVITA [D2
[D2.3,D3.2]
3 D3 2]
- Truncation of MAC increases risk of false positives
- Number of trials limited by bus and HSM throughput
We limit failed verifications at 100 per second.
- Table shows expected time for
P(false-validation-of-MAC=1)=0.5
=> Length of MAC:
- up to 256 bits (for fast buses and critical data)
- allow truncation down to 32 bits (low speed buses
and non-critical data)
bits
0
16
24
32
48
64
96
128
192
256
time to collide
0
5.5 min
23.3 h
35 5 weeks
35.5
44750 years
2932747010 years
1.25961E+19 years
5.40996E+28 years
9.97962E+47 years
1.84092E+67 years
[D3.3, WiVeC11]
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
33
12
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
Maintenance: Online Use Case
KN
Symmetric Key of Sensor: Must be delivered to Key
Master
IDKIDKKM
Asymmetric Key of Key Master
Standard diagnosis tool
Service
Backend
KeyData
Replacement
Sensor
HSM
KN
Contains key of
new ECU
Encrypted
IDK--KM
IDK
with IDK
of KM
Key
Master
IDKIDKKM
KN
HSM
KN
IDKIDKKM
HSM
<online>
Steps:
Establishment of connections between vehicle system and backend by the workshop
I Two-way-authenticated connection: Key Master <-> Backend
II Reception of key-data blob from backend
III Import of key KN at Key Master
[D3.3]
13
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
Maintenance: Offline Use Case
Symmetric Key of Sensor: Must be delivered to
Key Master
KN
IDKIDKKM
Diagnosis
Tool
Asymmetric Key of Key Master
Diagnosis tool with Hardware Security Module
(HSM)
Replacement
Sensor
HSM
KN
Key
Master
HSM
IDKIDKKM
Diagnosis
IDK-IDK
Tool
HSM DT
Key-Data
Contains key of new
ECU encrypted with
IDK
of workshop
IDK--DT
IDK
Diagnosis
KN
Tool
Service
Backend
IDKIDKKM
KN
<offline>
Steps:
I Offline transfer of key-data for specific workshop (along with the part to be replaced)
II Import of KN at Diagnosis Tool (only temporary and for re-encryption)
III Export of KN at Diagnosis Tool (Transport Key: Key Master node)
IV Import of key KN at Key Master
[D3.3]
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
34
14
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
Model-Based Analysis, Evaluation & Verification
 Built model of protocols in TTool and Matlab/Simulink
 Created “AVATAR” UML profile for TTool
– Combines model of functional and security aspects!
– Proofs functional aspects in <UPAAL> and security aspects in <ProVerif>
 Proofs of Key Distribution and Remote Firmware Update protocols done
within EVITA
 Simulative evaluation of CAN bus load with MAC in Transport Protocol
P
Practical
ti l evaluation
l ti off Key
K Distribution
Di t ib ti & communication:
i ti
<20
<20ms including
i l di
network, HSM, and application processing.
[D3.4, VTC11]
15
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
Summary
 Various on-board security protocols needed
–R
Reduced
d
d complexity
l i on application
li i llevell b
by
integration with security framework & architecture
 Achieved comprehensive solution.
EVITA HSM and simTD CCU Module
 Applicable to different on-board networks
– Solution is applicable to different types of ECUs
– Applicable to different types of on
on-board
board networks
 Working prototype on Ethernet, proof of concept on CAN
 Security and functionality validated through model based verification
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
35
16
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
EVITA Publications on On-Board Protocols
[D3.2]
B. Weyl et al., EVITA: Secure On-Board Architecture Specification, 2010
[D3.3]
H. Schweppe et al., EVITA: Secure On-Board Protocols Specification, 2010
[D3.4.4]
A. Fuchs et al., EVITA: On-Board Architecture and Protocols Verification, 2010
[D3.4.4]
A. Fuchs et al., EVITA: On-Board Architecture and Protocols Attack Analysis, 2010
[D4.3.2]
H. Seudié et al., EVITA: Implementation of the Software Framework, 2010
[NFC11]
M.S. Idrees et al., Secure Automotive On-Board Protocols: A Case of Over-the-Air
Firmware Updates, 3rd Nets4Cars, LNCS 6596/2011 Oberpfaffenhofen, 2011
[WiVeC11] H. Schweppe et al., C2X Communication: Securing The Last Meter, 4th IEEE
Wireless Vehicular Communication,, San Francisco,, 2011
[VTC11]
G. Pedroza et al., A Formal Methodology Applied to Secure Over-the-Air Automotive
Applications, 74th IEEE Vehicular Technology Conference, San Francisco, 2011
[VDI11]
H. Schweppe et al., Securing Car2X Applications with effective Hardware-Software
Co-Design for Vehicular On-Board Networks, 27th VDI Automotive Security,
Berlin, 2011
17
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
Secure On-Board Communication Protocols – H. Schweppe, EURECOM, Sophia-Antipolis, France
Hendrik Schweppe
+33 4 93 00 82 02
[email protected]
EURECOM
2229 route des crêtes
06560 Sophia-Antipolis
http://www.eurecom.fr/
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
36
18
EVITA Integration into AUTOSAR
EVITA Final Review
Integration in AUTOSAR
Hervé Seudié
Robert Bosch GmbH
Postfach 30 02 40
70442 Stuttgart, Germany
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
1
EVITA Integration into AUTOSAR
Why AUTOSAR?
Î
Î
Î
Î
Î
Î
Î
Î
Î
Master complexity
Flexible E/E architectures
Flexible exchangeability between supplier's and manufacturer's applications
Keep quality & reliability of E/E systems at high level
Enable global shared development
Gain freedom for innovation
Reduce costs
Solution:
Strategy:
Reuse and exchangeability of software
Standardization of software architecture
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
37
2
EVITA Integration into AUTOSAR
AUTOSAR Stakeholders
OEM b
Exchangeability
between supplier‘s
solutions
OEM a
OEM c
Platform b.1
Platform b.2
Platform b.n
Platform a.1
Platform a.2
Platform a.n
Exchangeability
between manufacturer‘s
applications
Supplier A
¾ Chassis
¾ Safety
¾ Body/Comfort
¾ Multimedia*
Supplier B
¾ Chassis
¾ Safety
¾ Telematics
¾ Multimedia*
Supplier C
¾ Body/Comfort
¾ Powertrain
¾ Telematics
¾ Multimedia*
OEM f
OEM e
Platform c.1
Platform c.2
Platform c.n
OEM d
Platform d.1
Platform d.2
Platform d.n
Exchangeability
Platform f.1
Platform f.2
Platform f.n
between vehicle
platforms
Platform e.1
Platform e.2
Platform e.n
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
* Multimedia: Application interfaces only
3
EVITA Integration into AUTOSAR
AUTOSAR Partners
9 Core
Partners
13 Development
Members
72 Associate Members
49 Premium
Members
General
OEM
Generic
Tier 1
Standard
Software
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
38
Tools and
Services
Semiconductors
4
EVITA Integration into AUTOSAR
AUTOSAR Layers
Application Layer
AUTOSAR Runtime Environment (RTE)
Services Layer
Complex
Drivers
ECU Abstraction Layer
Microcontroller Abstraction Layer
Microcontroller
Objective: - Decoupling of Hardware and Application Software
- Relocation / reuse of SW-C* between ECU
5
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
EVITA Integration into AUTOSAR
AUTOSAR: Basic Software Layer
Application Layer
AUTOSAR Runtime Environment (RTE)
System Services
Memory Services
Communication
Services
Onboard Device
Abstraction
Memory Hardware
Abstraction
Communication
Hardware
Abstraction
Microcontroller
Drivers
Memory Drivers
Communication
Drivers
I/O Hardware
Abstraction
Complex
Drivers
I/O Drivers
Microcontroller
Services
BSW-Layers
ECU
Abstraction
and Complex
Drivers
Microcontroller
Abstraction
The EVITA project has used Bosch CUBAS as BSW
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
39
6
EVITA Integration into AUTOSAR
Standardized Cryptographic interfaces of AUTOSAR
Application Layer
App. 2
App. 1
AUTOSAR Runtime Environment (RTE)
CSM API
Service 1
Service 2
CSM Service
CPL API
CAL API
CSM API
CRY API
Services Layer
Crypto
Driver
ECU Abstraction Layer
CRY Adapter
Crypto Library
(Software)
e.g. EsLib
HSM Driver
uC Abstraction Layer
Complex
Drivers
Microcontroller (uC)
HSM
HSM: Hardware Security Module CAL: Cryptographic Abstraction Layer (static, synchronous)
CSM: Crypto Service Manager (dynamic, asynchronous) CRY: (Low-level) Crypto Interface
7
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
EVITA Integration into AUTOSAR
Where to integrate the EVITA modules?
Application Layer
App. 2
App. 1
AUTOSAR Runtime Environment (RTE)
CSM API
Complex Drivers
Service 1 Service 2
CSM Service
EVITA modules
to be integrated as
complex drivers
CPL API
CAL API
CSM API
CRY APIServices Layer
Crypto
Library
(Software
)
e.g. EsLib
Crypto
Driver
CRY Adapter
ECU Abstraction Layer
HSM Driver
uC Abstraction Layer
Microcontroller (uC)
Not standardized in AUTOSAR
HSM
Constraint: EVITA has no AUTOSAR speficified components
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
40
8
EVITA Integration into AUTOSAR
AUTOSAR Layers with integrated modules
Application Layer
App. 2
App. 1
Application
AUTOSAR Runtime Environment (RTE)
CSM API
Complex Drivers
EVITA API
EVITA
Service
Service 1 Service 2
S
CSM Service
EVITA
Wrapper
CPL API
CAL API
CSM API
CRY APIIServices Layer
Crypto
Library
(Software
)
e.g. EsLib
Crypto
Driver
CRY Adapter
ECU Abstraction Layer
Crypto
Library
(EsLib)
HSM
SM Drive
Driver
uC Abstraction Layer
Microcontroller (uC)
EVITA
Low Level Driver
SPI Driver
HSM
HSM
Low Level Driver / EVITA Security application / Wrapper / EVITA API for
application layer software
9
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
EVITA Integration into AUTOSAR
AUTOSAR Communication with EVITA modules: simplified
view
RTE
y Secure Communication
– Use of ComStack
EVITA
Application
EVITA LLD
PDU Router
CAN TP
CAN Interface
CAN Driver
SPI
GPTA
TriCore - TC1797 Micro-controller
ECU 2
HSM
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
41
10
EVITA Integration into AUTOSAR
Summary
y Prototypic integration of EVITA in real automotive software architecture AUTOSAR
– Security with and without hardware support
y Hardware Security Modules access via Low level driver using SPI communication
– SPI only for demonstration purpose
– Production in the future as ASIC: see PRESERVE project, which develops an ASIC based
on the EVITA result
y Secure communication using AUTOSAR / CAN bus / TC 1797 / FPGA
– See demonstration !
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
F
11
EVITA Integration into AUTOSAR
Thank you for your attention!
Questions?
Hervé Seudié
Robert Bosch GmbH
[email protected]
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
42
12
EVITA Prototype & Demonstrator Overview
Dr. Benjamin
D
B j i W
Weyll
BMW Group Research and Technology
Hanauer Str. 46
80992 München, Germany
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
Overview
1. Goals of the EVITA Demonstrators
2. Desktop Demonstrator
3. Vehicle Demonstrator Active Brake
4. Vehicle Demonstrator Valet Parking Privacy
5. AUTOSAR Demonstrator
6 Summary & Outlook
6.
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
43
2
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
Goals of the EVITA Demonstration Scenarios
 Demonstrate Hardware Security Modules deployed with ECUs
– Cost
Cost-effective
effective deployment
– Trusted computing base
– Key protection
– Secure Storage
 Demonstrate in-car protocols to secure ECU-ECU & Sensor communication
 Demonstrate software security framework integrating authentication, encryption,
access control, etc.
 Demonstrate EVITA HSM integration with Microcontroller (AUTOSAR ECUs)
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
3
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
EVITA Desktop Demonstrator – Overview
 Visualization of securing in-vehicle communication using HSMs
– DUC-10: Secure sensor data acquisition
– DUC-11: Secure actuator command transmission
 Visualization of securing V2X communication using HSMs
– DUC-20: Active brake authenticity
 Visualization of multiple attack scenarios (MUC-10, MUC-11, MUC-20)
– Detection of manipulated messages
– Detection
D t ti off iinjected
j t d / replayed
l
d messages
 Visualization of different HSM types (light, medium, full)
 Detailed visualization of HSM activity, internal data and processes
 Interaction with HSM prototype, connected via TCP/IP using HSM-IP-LIB
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
44
4
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
EVITA Desktop Demonstrator – Internals
 GUI for user interaction, flow control
and visualization
 Server for application interconnection
and message forwarding
 Sensor for data acquisition using
HSM software library
 Actuator for command execution
using HSM software library
 ECU for data evaluation and command generation using HSM prototype platform
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
5
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
EVITA Desktop Demonstrator @ escar 2011 in Dresden
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
45
6
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
Vehicle Demonstrator Active Brake:
Use Case
 Use Case: Car2Car Emergency Brake Notification
– Vehicle notifies the following vehicle of a braking action
– Driver reacts to situation
 Use Case: Car2Car Active Emergency Brake
– Vehicle reacts autonomously
– Driver may still influence reaction
 Core Requirements
– Integrity & authenticity of Car2X messages
– End-to-end security from sensor to actuator
– Fast signature generation & verification
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
7
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
Vehicle Demonstrator Active Brake:
Securing the On-board Network
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
46
8
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
Vehicle Demonstrator Active Brake:
Securing the On-board Network
DENM
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
9
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
Vehicle Demonstrator Active Brake:
Visualization of Security in Sending Vehicle
 Visualization of key management protocol & secure communication
 Mounted attack in Sending Vehicle between Sensor and ECU
 Detect data manipulation on the on-board network
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
47
10
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
Vehicle Demonstrator Active Brake:
Securing the External Communication
• EVITA security components have been integrated with the simTD project
• Integrated with Car2X (simTD) communication radio unit based on 802.11p
• Communication Security
– Communication is authenticated & integrity-protected
– Usage of EVITA Hardware Security Module
– Performance: factor 15-20 for signature generation & verification!
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
11
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
Vehicle Demonstrator Valet Parking:
Privacy Protection within the Vehicle
 Use Case: Valet Parking Privacy Application
– Protection of personal data within the vehicle
– Activation when leaving the car
 Secure Storage & Access Control
– Secure storage of data with EVITA HSM
– Access control with user-defined policies:
– Driver protects, e.g., personal usage data
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
48
12
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
Vehicle Demonstrator Valet Parking:
Privacy Protection within the Vehicle
ECU
Authentication
13
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
AUTOSAR Demo Overview
 Scope: Secure communication between AUTOSAR ECUs
 Use Cases: Sensor Manipulation & Secure Boot
In-Vehicle Network
Brake ECU
CANoe
GUI
CAN Transceiver
VN8950
Head Unit
HMI Warning
Display
X86 Processor (Windows)
Brake Sensor
Secure Boot
Secure Boot
Brake application
CAN
AUTOSAR
Low Level Driver
AUTOSAR
Low Level Driver
Tricore
Tricore
SPI
HSM (FPGA)
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
49
Sensor application
CAN
SPI
HSM (FPGA)
14
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
Demonstrator Events
BMW-EURECOM
Pressevent
September 2011
Sophia Antipolis
9th escar conference
November 2011
Dresden
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
15
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
Summary
 With enhanced connectivity, security requirements are increasing
 Security is crucial for Car2X application deployment
– Integration with simTD for efficient Car2X communication
– Preparation of standardization within Car2Car Communication Consortium
– ITS standards development within ETSI ITS Working Group 5
 EVITA designed and implemented the first ever prototype of a general
general-purpose
purpose
secure on-board system combining Hardware and Software
 Successfully demonstrated EVITA results at various occasions
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
50
16
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
Outlook
 EVITA results are already adopted by major research projects
– SEIS project applies EVITA Security Framework for Secure IP-based Middleware
– PRESERVE project develops an ASIC based on the EVITA result
 Input for preparation of standardization activities within C2C-CC and ETSI
17
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
EVITA Prototype & Demonstrator Overview – Dr. Benjamin Weyl, BMW Group Research and Technology
Thank you for your attention.
Dr. Benjamin Weyl
+49 89 382 48951
[email protected]
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
51
18
Legal Framework of
Automotive On-Board Networks
Jos Dumortier
K.U.Leuven – ICRI
www.icri.be
Legal framework of automotive on-board networks
Overview
1. Introduction: what are the main legal issues?
2. The ITS legal framework
3. Privacy protection in automotive on-board networks
4. Liability issues in automotive on-board networks
5 Conclusions
5.
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
52
2
Legal framework of automotive on-board networks
1. Legal Issues
 V2X
– automatic actions (e.g. braking) following V2V or V2I communications
 eToll
– collection of personal information in wide-area toll systems
 eCall
– tracking, data minimalization and value-added services
 Nomadic Devices
– privacy and security of communications networks
 Aftermarket
– liability for malware, infected software patches, etc.
 Diagnosis
– application of data protection legal framework (who is the controller?)
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
3
Legal framework of automotive on-board networks
2. The ITS Legal Framework
 Directive 2010/40/EU
Framework for the deployment of Intelligent Transport Systems in the field of road transport
and for the interface with other modes of transport
Commission issues specifications between 2010 and 2017 to address the compatibility,
interoperability and continuity of ITS solutions across the EU
Delegated acts: opinion of the European Data Protection Supervisor of 22/07/2009
 Electronic Road Tolling
Directive 2004/52/EC: interoperability of electronic road tolling systems in the Union
Commission Decision 2009/750/EC: regulatory framework for EETS (e.g. OBE in vehicle)
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
53
4
Legal framework of automotive on-board networks
3. Privacy protection in Automotive On-Board Networks
 European Convention of Human Rights
– On-Board
On Board Automotive Networks should fulfill the conditions imposed by Art. 8 (“necessary
( necessary in
a democratic society”)
 Directive 95/46/EC
– Scope: processing of personal data
– Who is the controller? Who is the processor?
– Applicable law: issue for cross-border ITS
– Data minimalization,, storage
g duration,, anonymisation
y
 Directive 2001/58/EC
– Scope: public electronic communications networks
– Issues; security provisions, breach notification, access to terminal equipment, traffic and
location data
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
5
Legal framework of automotive on-board networks
4. Liabilities with regard to Automotive On-Board Networks
 Liability: a complex set of (primarily national) rules
 Important factor in determining liabilities: legal framework for Vehicle Type Approval
– UNECE and WVTA
– Directive 2007/46/EC
 Vienna Convention on Road Traffic (1968): “driver shall at all times be able to
control his vehicle “
 Directive 2001/95/EC: General Product Safety (consumer products)
 Directive 85/374/EEC on liability for defective products ( consumer protection)
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
54
6
Legal framework of automotive on-board networks
5. Conclusions
 EVITA contributes substantially to the implementation of the most essential legal
principles in the area of privacy and personal data protection, for example, by
d
developing
l i technologies
h l i to protect personall d
data against
i
unauthorized
h i d access
 EVITA ensures the legally required level of security appropriate to the risks
represented by the processing and the nature of the data by proposing a risk
analysis approach to identify what level of security protection may be required for
particular on-board assets.
 EVITA solutions need to fit in the interoperability framework for ITS in the Union and
does so by applying open standards
 Liability for accidents might be expected to partially shift away from the driver
towards vehicle manufacturers and their on-board systems suppliers and more and
more also to external information providers (role – and limits – of contracts)
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
7
Legal framework of automotive on-board networks
Jos Dumortier
K.U.Leuven – ICRI
Sint-Michielsstraat
Sint
Michielsstraat 6
B-3000 Leuven
(t) +32 (0)16 32 51 49
www.icri.be / [email protected]
Jos Dumortier
time lex - Information & Technology Law
time.lex
Congresstraat 35
B-1000 Brussel
(t) +32 (0)2 229 19 47
www.timelex.eu / [email protected]
Final EVITA Workshop on Security of Automotive On-Board Networks, 23 November 2011
55
8
EVITA & PRESERVE
Uptake of EVITA in PRESERVE
Frank Kargl | [email protected] | V9 | 23.11.2011
Wireless
Communication
Multi-Hop
Communication
Autonomous
Systems
Vehicle Positions
Critical
On-board
Systems
On-board Sensors
New Challenges for Security and Privacy
23.11.2011
EVITA & PRESERVE Cooperation
56
2
In-Vehicle
Security
Secure Autom.
App. Platform
Privacy
Enforcing
Runtime
Architecture
On-Board
Security
Architecture
Open Platform
for Vehicle
Apps
Hooking
Architecture
ITS Privacy
Guidelines
FPGA HW
Prototype
Secure Access
to Comm.
Channel
Prototype
Implementation
Prototype
Implementation
Demonstration
Prototype
Platform
Implementation
Secure IVC
ITS Privacy
SeVeCom
Baseline
Architecture
23.11.2011
EVITA & PRESERVE Cooperation
3
SeVeCom
• FP6 STREP Project
• 1.1.2006 – 31.3.2009
23.11.2011
EVITA & PRESERVE Cooperation
57
4
PRECIOSA
• FP7 STREP Project
• 1.3.2008 – 31.8.2010
23.11.2011
EVITA & PRESERVE Cooperation
5
EVITA
• FP7 STREP Project
• 1.7.2008 – 31.12.2011
23.11.2011
EVITA & PRESERVE Cooperation
58
6
Status before PRESERVE
SeVeCom, PRECIOSA, EVITA results not integrated
Evita FPGA HSM to costly for deployment in FOTs
No strong and scalable security solution in FOTs
PRESERVE Mission: Design, integrate, and test a
secure and scalable V2X Security Subsystem
for FOTs and Pilot Deployments
23.11.2011
EVITA & PRESERVE Cooperation
8
FP7-ICT-2009-6.2, STREP, No. 269994
1.1.2011 – 31.12.2014
23.11.2011
EVITA & PRESERVE Cooperation
59
10
Security and
Privacy Arch. and
Implementation
Secure IVC
Security
ASIC
Deployment
Challenges
ITS Privacy
V2X Security Subsystem
V2X
FOT
In-Vehicle Sec.
Security and Scalability Testing
Sec. Appl. Plat.
PREDRIVE C2X
Sec. Arch.
23.11.2011
EVITA & PRESERVE Cooperation
11
PRESERVE Objectives
Integrated V2X security architecture and implementation
based on SeVeCom, EVITA, and PRECIOSA results
Meet performance and cost requirements of
current FOTs
and future products, esp. build security ASIC
Provide “ready-to-use” V2X security subsystem
Solve open deployment and technical issues
hindering
standardization and product development
23.11.2011
EVITA & PRESERVE Cooperation
60
12
PRESERVE WPs
WP1: Integration Project Results in VSA (V2X Security Architecture)
WP2: Close-to-Market VSS (V2X Security Subsystem) Development
WP3: Field Operation Test
WP4: VSS Distribution and Support
WP5: Deployment Issues
WP6: Dissemination, Exploitation, Liaison
WP7: Administration
23.11.2011
EVITA & PRESERVE Cooperation
13
PRESERVE Timing
Y1
Y2
Y3
Y4
WP1: Integration Project Results in VSA
1100: Req. An..+ Res. Ass.
1200: VSA Design
1300: VSA Refinement
WP2: Close-to-Market VSS Development
2100: VSS Software
2200: FPGA HW
2300: ASIC HW
2310: ASIC Prototype
2320: ASIC Prod./Dis.
2400: Dev. Life-Cycle Man. Comp.
2500: System Testing
WP3: Field Operation Testing
3100: FOT Preparation
3200: FOT Execution
3210: FOT Trial 1 (FPGA)
3220: FOT Trial 2 (ASIC)
3230: Joined Trial (ASIC)
3300: FOT Evaluation
3310: Evaluation Trial 1
3320: Evaluation Trial 2
3330: Evaluation J. Trial
WP4: VSS Distribution and Support
4100: VSS Kit Req.+Spec.
4200: VSS Kit 1
4300: VSS Kit 2
4400: VSS Support
WP5: Deployment Issues
5100: Business Issues
5200: Technical Issues
WP6: Dissemination, Exploitation, Liaison
6100: General Dissemination, Exploitation, Liaison
6200: International Liaison WS
6300: Stakeholder WS
6400: Final Demonstration
WP7: Administration
7100: Year 1
7200: Year 2
7300: Year 3
7400: Year 4
23.11.2011
Q1
Q2
Q3
Q4
Q5
Q6
Q7
61
EVITA & PRESERVE Cooperation
Q8
Q9
Q10
Q11
Q12
Q13
Q14
14
Q15
Q16
PRESERVE V2X Security Architecture
In-Vehicle
Policy Decision
Mod.
Sensors
Sensors
Sensors
Comm. Control
Module
Entity Auth.
Mod.
Security Event
Processor
HSM
Open
SSL
PeRA
Importer
Exporter
Query API
V2X Comm. Stack
Transport Layer
CL External API
Inter Layer
Proxy
Convergence Layer
Facilities Layer
CL Internal API
Application
Layer
MAC Layer
Platform
Int. Mod.
Crypto.
Services
CAN Bus
Network Layer
HW Layer
TPM
ECUs
Head Unit
Security Supp.
Priv. Enf.
Runtime
Architecture
Management and
Configuration
Pseudonym
Manag.
Module
Secure
Communication
Module
Legend
X
Y X use service of Y
Sevecom Mod.
EVITA Module
ID & Trust
Management
Module
Comm. Layer
Sec. Services
PRECIOSA Mod.
External SW/HW
Optional comp.
PRESERVE HSM
• Based on “EVITA Full” FPGA design
• Early 2012: PRESERVE FPGAHSM for
– early tests with [email protected]
– verification of PRESERVE design before ASIC production
• Mid 2013: PRESERVE ASIC HSM
– Allows cost-effective large-scale testing and deployment
– USB 2.0 interface for easy integration in various OBUs
– Target price-point: <100 EUR
– Performance Target: 1000 verifications/s
23.11.2011
EVITA & PRESERVE Cooperation
62
17
3 Phase Testing
Trial 1: Internal, smale-scale, lab-test
Trial 2: Internal, large-scale, hybrid testbed
Joint trial:
with [email protected] FOT, large-scale, real
vehicles
0
23.11.2011
100
200
300
400
500 m
EVITA & PRESERVE Cooperation
18
Cooperation
Proposal
• EVITA HSM basis for the PRESERVE ASIC
• Aim that PRESERVE VSS will be compatible with other
EVITA components
• Joint demo at ITS World Congress 2012 in Vienna
[email protected] OBU
23.11.2011
VSS
VSS [email protected] OBU
EVITA & PRESERVE Cooperation
63
EVITA ECU
19
Expected Outcome
Harmonized V2X Security Architecture ✔
V2X Security Subsystem (incl. PKI backend)
Cheap and scalable security ASIC for V2X
Testing results VSS under realistic conditions
Results for deployment challenges
23.11.2011
EVITA & PRESERVE Cooperation
64
20

Documentos relacionados